#include <Windows.h>
#include <stdio.h>
#include <stdint.h>

uint8_t OverflowData[] =
    "AAAAAAAAAAAAAAAA" // 16 bytes for size of buffer
    "BBBB"             // +4 bytes for stack cookie
    "CCCC"             // +4 bytes for EBP
    "DDDD";            // +4 bytes for return address

void Overflow(uint8_t* pInputBuf, uint32_t dwInputBufSize) {
    char Buf[16] = { 0 };
    memcpy(Buf, pInputBuf, dwInputBufSize);
}

struct MyStruct { int a; int b; };

void OverflowNonGS(uint8_t* pInputBuf, uint32_t dwInputBufSize) {
    //char* pBuf[20];
    //void* pv[20];
    //char buf[4];
    int buf2[2];

    memcpy(buf2, pInputBuf, dwInputBufSize);
}

struct MyStruct2 {
    uint32_t dwVar;
};

void OverflowStruct(uint8_t* pInputBuf, uint32_t dwInputBufSize) {
    struct MyStruct2 TestStruct = { 0 };
    memcpy(&TestStruct, pInputBuf, dwInputBufSize);
}

int32_t wmain(int32_t nArgc, const wchar_t* pArgv[]) {
    printf("... passing %d bytes of data to vulnerable function\r\n", sizeof(OverflowData) - 1);
    Overflow(OverflowData, sizeof(OverflowData) - 1);
    return 0;
}
